CVE-2010-2461
high
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
8.5
Description
SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Overstock Script - SQL Injection
1 ########################################## 1
0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:Overstock Script SQL Vulnerable
Vendor url:http://www.jce-tech.com
Version:1
Price:n/a
Published: 2010-06-21
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sonic Bluehat.
Special Greetz: Topsecure.net, inj3ct0r Team
Shoutzz:- To all ICW members
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:
Overstock script is a PHP based script that can be used to display product data from the Overstock XML data feed. The script comes complete with a default template to get you started. It completely separates PHP logic and HTML look. Code: PHP 4.0
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:
*SQLi Vulnerability
DEMO URL :
http://server/storecat.php?store=[sqli]
# 0day n0 m0re #
# L0rd CrusAd3r #Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| jce-tech | overstock_script | 1.0 | |
References
- http://packetstormsecurity.org/1006-exploits/overstock-sql.txt
- http://www.exploit-db.com/exploits/13946
- http://www.securityfocus.com/bid/40990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59596
- http://packetstormsecurity.org/1006-exploits/overstock-sql.txt
- http://www.exploit-db.com/exploits/13946
- http://www.securityfocus.com/bid/40990
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59596
CWEs
CWE-89
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.